World Class Journalism

March 31, 2015March 31, 2015

GitHub Still Fighting DDoS Attack

GitHub is still battling what it says is the largest DDoS (distributed denial of service) attack in the service’s history.
What began around 10 p.m. Eastern Wednesday was still underway on Monday morning, according to GitHub’s Twitter feed.
In a Friday blog post, GitHub suggested that the attack was launched “to convince us to remove a specific class of content.”
According to The Wall Street Journal, the ongoing cyber assault directed massive volumes of traffic from China’s popular Baidu search engine to GitHub, paralyzing GitHub’s website in what appears to be an attempt to shut down anti-censorship tools.
Citing unnamed security experts, the Journal said traffic was directed specifically to two GitHub pages with links to websites that are banned in China—one from Greatfire.org that helps users circumvent government censorship, the other the New York Times’ Chinese-language site.
As of press time, Greatfire’s website was reporting a connection error; the company has asked Twitter users to send samples of the code behind the attack.
The Times declined to comment to PCMag.
GitHub did not speculate about who is behind the onslaught, saying only that it is “completely focused on mitigating this attack.”
“Our top priority is making sure github.com is available to all our users while deflecting malicious traffic,” the company said.
Just before 8 a.m. ET, the GitHub status page said “All systems reporting at 100%. Attack traffic continues, so we remain on high alert.” The same messages was tweeted by the company about 12 hours before.
“It is reprehensible that the censorship policies and actions of a nation-state are affecting” the largest code host in the world, Richard Bejtlich, chief security strategist at FireEye, wrote in a recent blog post.”The Chinese government is forcing GitHub to expend its private resources in order to continue serving its customers.”
Bejtlich called on the U.S. and other “like-minded governments” to “tell the Chinese to immediately stop this activity.”
Confirming reports that HTTP traffic originating outside of China was being redirected elsewhere, Baidu told PCMag that its security team is conducting a thorough investigation.
“[We] can say that we did not experience a security breach,” the company said in a statement, “and do not appear to have been hacked. We have informed other security organizations and are working with them to get to the bottom of this.”
According to cybersecurity firm F-Secure, the attack likely involved Chinese authorities, and used traffic from people outside the country, making the attack harder to block, the Journal said.
A bit closer to home, Rutgers University in New Jersey said it is also battling a DDoS attack, which possibly originated in Ukraine, NBC New York reported.